package com.sky.wsp.guo.mi.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.Collection;

@RestController
public class UserController {
 
    @GetMapping("/user")
    @PreAuthorize("hasRole('USER')") // 只有ADMIN角色可以访问这个接口
    public String adminEndpoint() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
        authorities.forEach(authority -> System.out.println(authority.getAuthority()));
        String name = authentication.getName();
        System.out.println(name);
        return "Hello " + name + ", Welcome to the user area!";
    }
}